In this session four of a four part series led by Cara Wulf, we identify how to ensure that good cybersecurity hygiene flows through a contractor’s supply chain and is reported to the Government. We discuss the Defense Contract Management Agency’s (DCMA) mandate to examine contractor compliance with cybersecurity requirements as part of its Contractor Purchasing System Reviews (CPSR), the Supplier Performance Risk Systems (SPRS), and its implications for contractors in the near future. At the end of the session, we take a step back and examine where contractors are on the cybersecurity continuum, and where they are headed as the programs we have discussed over the course of the series continue to develop.